Fortinet security incident

12/09/2024

Fortinet has claimed to have been the victim of a cyber-attack, when unauthorised access to a limited number of files stored on a third party instance was detected. This is estimated to have affected less than 0.3% of Fortinet's customers.

At the time of publication, there has been no evidence of malicious activity affecting any customers, and Fortinet's products and services were not affected, so it remains business as usual. The incident did not involve data encryption, ransomware deployment or access to Fortinet's corporate network.

Upon detection of the access, Fortinet immediately implemented the self-protection plan, and contacted the affected customers. The unauthorised connection was stopped, the incident was contained and an investigation was started. Security agencies around the globe were contacted to inform them and internal processes were increased to improve security for the future.

References

12/09/2024

fortinet.com

Notice of Recent Security Incident
12/09/2024

bleepingcomputer.com

Fortinet confirms data breach after hacker claims to steal 440GB of files
12/09/2024

therecord.media

Fortinet says hackers accessed ‘limited’ number of customer files on third-party drive
13/09/2024

theregister.com

Fortinet admits miscreant got hold of customer data in the cloud
13/09/2024

securityweek.com

BreachesFortinet Data Breach Impacts Customer Information

Etiquetas